The new, clever way hackers can 'poison' your searches and get into your ba

posted by John Elliott -
Nov 10, 2017

Malware keeps getting smarter at ways to get your money. And a new version of Zeus Panda malware has some scary smarts.

According to ablog post by Cisco-owned Talos, the Zeus Panda malware essentially “poisons” Google search results to push fake bank-related results to the top of a key word search. Then, the unwary user, looking for quick answers to a search related to their bank, is fooled into clicking on malicious links.

The malware utilizes search engine optimization (SEO) “to make their malicious links more prevalent in the search results…[which] will enable the attacker to quickly obtain credentials, banking and credit card information,” Talos said.

Malware often needs you to proactively click on links and buttons. In this case when the Microsoft Word document is opened, it prompts pop-ups such as “Enable Editing,” “Enable Content” and "Macros have been disabled." If you do enable the macro, an executable download will infect your system.

The biggest red flag you’ll get is from Microsoft itself. By default, macros are disabled. And Microsoft wants you to keep it that way to protect you from documents coming from untrusted sources.

Avast told Fox News that it is currently "blocking most of these sites, [which] prevents users from being infected."

“Defending against this attack requires not only vigilance by companies to make sure the sites and servers are compromised, but that consumers pay attention to what they are clicking on and not enabling macros or open unknown attachments,” according to a post at SC Media, a cybersecurity website.

John Elliott

Want to know more about John Elliott? Get their official bio, social pages & articles on WACO-FM!Read more